Storage path of RSA key pairs and certificates on the firewall

0

The storage path of RSA key pairs and certificates varies according to the device model.
RSA key pairs and certificates are stored in the hda1:/ directory on the USG6000 and in the cfcard:/ directory on the USG9500.

Other related questions:
Configuring the pre-shared IPSec key on the firewall
You can configure the IPSec pre-shared key on the USG as follows: Run the pre-shared command in the IKE peer view to configure the pre-shared key or run the undo pre-shared-key command to cancel the pre-shared key. Requirements: The pre-shared key is a string of 1-128 characters.It supports special characters(such as !,@ ,#,$,and %)instead of spaces.It is case-sensitive.The system converts the character string as cipher-text key,saved in the configuration file.Authentication keys on both ends of a security connection must be consistent. Configuration example: #Set the authentication key of IKE peer1 to Test!123. system-view //Enter the system view. [sysname] ike peer peer1 //Enter the IKE peer view. [sysname-ike-peer-peer1] pre-shared-key Test!123 //Set the pre-shared key.

How to Use PuTTY to Log In to a Node in Key Pair Authentication Mode in FusionStorage
1. Check whether PuTTY on the local PC has been used to log in to a node in key pair authentication mode. ? If yes, go to Step 7. ? If no or you cannot confirm, go to Step 2. 2. Run PuTTY and enter the IP address of the target node and the SSH port number (default value: 22). 3. In the Category area in the left pane, choose Connection > SSH > Auth. The SSH authentication configuration page is displayed. 4. Click Browse, select the prepared private key certificate in the displayed window, and click Open. The file name extension of the private key certificate is *.ppk. 5. In the Category area in the left pane, select Session. The main page is displayed. 6. To facilitate subsequent access, create a custom session in Saved Sessions and click Save. After this step, go to Step 8. 7. Select a saved session and click Load. 8. Click Open. 9. Enter the username for logging in to the target node as prompted. You are required to enter the certificate password if the in-use private key certificate is an encrypted certificate.

How to Use WinSCP to Log In to a Node in Key Pair Authentication Mode in FusionStorage
1. Check whether WinSCP on the local PC has been used to log in to a node in key pair authentication mode. ? If yes, go to Step 4. ? If no or you cannot confirm, go to Step 2. 2. Run WinSCP and specify the following information about the target node: ? IP address and the SSH port number (default value: 22). ? Username for the SSH login. For example, the username for logging in to a FusionSphere OpenStack node is fsp. ? Private key certificate. Select the prepared local private key certificate file. The file name extension of the private key certificate is *.ppk. 3. To facilitate subsequent access, click Save and set the session name in the displayed dialog box. After this step, go to Step 5. 4. In the navigation tree in the left pane, choose Session > Stored sessions and select the saved session. 5. Click Login. If the in-use private key certificate is an encrypted certificate, the Key passphrase window is displayed when a session is setup. In this case, enter the certificate password.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top